AI Threat Alert

Google

432 AI/ML vulnerabilities tracked for Google.

432

Total CVEs

22

Pages

Page 15 of 22

Current

Severity	CVE	Headline	Package	CVSS
MEDIUM	CVE-2022-23577	TensorFlow: null pointer deref crashes model loader	tensorflow	6.5
MEDIUM	CVE-2022-23578	TensorFlow: memory leak via invalid graph node	tensorflow	4.3
MEDIUM	CVE-2022-23579	TensorFlow: DoS via Grappler optimizer CHECK failure	tensorflow	6.5
MEDIUM	CVE-2022-23580	TensorFlow: uncontrolled allocation DoS in shape inference	tensorflow	6.5
MEDIUM	CVE-2022-23581	TensorFlow: DoS via Grappler optimizer CHECK failure	tensorflow	6.5
MEDIUM	CVE-2022-23582	TensorFlow: SavedModel CHECK-fail causes DoS	tensorflow	6.5
MEDIUM	CVE-2022-23583	TensorFlow: SavedModel type confusion triggers DoS crash	tensorflow	6.5
MEDIUM	CVE-2022-23584	TensorFlow: use-after-free in PNG decode causes DoS	tensorflow	6.5
MEDIUM	CVE-2022-23585	TensorFlow: memory leak in PNG decode causes DoS	tensorflow	6.5
MEDIUM	CVE-2022-23586	TensorFlow: SavedModel DoS crashes Python interpreter	tensorflow	6.5
CRITICAL	CVE-2022-23587	TensorFlow: integer overflow in Grappler enables RCE	tensorflow	9.8
MEDIUM	CVE-2022-23588	TensorFlow: DoS via crafted SavedModel crashes Grappler	tensorflow	6.5
MEDIUM	CVE-2022-23589	TensorFlow Grappler: DoS via malicious SavedModel	tensorflow	6.5
HIGH	CVE-2022-23590	TensorFlow: DoS via malicious SavedModel GraphDef	tensorflow	7.5
HIGH	CVE-2022-23591	TensorFlow: SavedModel stack overflow via recursive GraphDef	tensorflow	7.5
HIGH	CVE-2022-23592	TensorFlow: heap OOB read in type inference engine	tensorflow	8.1
HIGH	CVE-2022-23593	TensorFlow MLIR-TFRT: DoS via scalar shape segfault	tensorflow	7.5
MEDIUM	CVE-2022-23594	TensorFlow MLIR: heap OOB via malicious SavedModel file	tensorflow	5.5
MEDIUM	CVE-2022-23595	TensorFlow XLA: null pointer dereference causes DoS	tensorflow	6.5
MEDIUM	CVE-2022-29191	TensorFlow: DoS via GetSessionTensor input validation	tensorflow	5.5

Page 15 of 22